Hello, Dne 25.10.2019 v 02:20 Martin K. Petersen napsal(a): > > Hi Maurizio, > >> iSCSI with the Challenge-Handshake Authentication Protocol is not FIPS >> compliant. This is due to the fact that CHAP currently uses MD5 as >> the only supported digest algorithm and MD5 is not allowed by FIPS. >> >> When FIPS mode is enabled on the target server, the CHAP >> authentication won't work because the target driver will be prevented >> from using the MD5 module. >> >> Given that CHAP is agnostic regarding the algorithm it uses, this >> patchset introduce support for three new alternatives: SHA1, SHA256 >> and SHA3-256. > > Can you please submit these on top of 5.5/scsi-queue which has your > string parsing fixes in place? > I will rebase on top of 5.5/scsi-queue and send a V3. Thanks, Maurizio
